CVE 9.6 CRITICAL

CVE-2025-63532_CVE-2025-63532

December 1, 2025 invoker category_cve

9.6 / 10

CRITICAL

CVSS:3.1/AC:L/AV:N/A:N/C:H/I:H/PR:L/S:C/UI:N

Description

A SQL injection vulnerability exists in the Blood Bank Management System 1.0 within the cancel.php component. The application fails to properly sanitize user-supplied input in SQL queries, allowing an attacker to inject arbitrary SQL code. By manipulating the search field, an attacker can bypass authentication and gain unauthorized access to the system.

AI Analysis

SQL injection vulnerability allowing arbitrary SQL code injection and unauthorized access

Basic Information

ID CVE-2025-63532

Source mitre

Published Dec 1, 2025 at 00:00

Modified Dec 1, 2025 at 18:26

Affected Product

Vendor Shridharshukl

Product Blood Bank Management System

Version 1.0

Affected Versions n/a n/a n/a

CWE Classification

CWE-89

AI Assessment

AI Score 9.6 / 10

AI Severity Critical

Vendor Shridharshukl

Product Blood Bank Management System

Version 1.0

References

{
    "lastseen": "",
    "description": "A SQL injection vulnerability exists in the Blood Bank Management System 1.0 within the cancel.php component. The application fails to properly sanitize user-supplied input in SQL queries, allowing an attacker to inject arbitrary SQL code. By manipulating the search field, an attacker can bypass authentication and gain unauthorized access to the system.",
    "published": "2025-12-01T00:00:00.000Z",
    "modified": "2025-12-01T18:26:47.781Z",
    "type": "cve",
    "title": "CVE-2025-63532",
    "source": "mitre",
    "references": "https://github.com/Shridharshukl/Blood-Bank-Management-System\nhttps://drive.google.com/file/d/12yeOXW_sN69QjsQtW0_k9AGqozi1s0di/view?usp=sharing\nhttps://github.com/kiwi865/CVEs/blob/main/CVE-2025-63532.md",
    "id": "CVE-2025-63532",
    "bulletinFamily": "",
    "cwe": [
        "CWE-89"
    ],
    "cvelist": null,
    "sourceData": "n/a n/a n/a",
    "sourceHref": "",
    "cvss": {
        "score": 9.6,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AC:L/AV:N/A:N/C:H/I:H/PR:L/S:C/UI:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Blood Bank Management System",
    "version": "1.0",
    "vendor": "Shridharshukl",
    "ai_description": "SQL injection vulnerability allowing arbitrary SQL code injection and unauthorized access",
    "ai_severity": "Critical",
    "ai_vendor": "Shridharshukl",
    "ai_product": "Blood Bank Management System",
    "ai_version": "1.0",
    "ai_score": 9.6
}

💭 Join the Security Discussion ❌ Cancel Reply